Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding detection events for py3-pipenv #8230

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Adding detection events for py3-pipenv #8230

Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
b494f10
Adding Advisory GHSA-248v-346w-9cwc for py3-pipenv
octo-sts[bot] Sep 15, 2024
8259176
Adding Advisory GHSA-34jh-p97f-mpxf for py3-pipenv
octo-sts[bot] Sep 15, 2024
740d13c
Adding Advisory GHSA-9wx4-h78v-vm56 for py3-pipenv
octo-sts[bot] Sep 15, 2024
dabc0e0
Adding Advisory GHSA-cx63-2mw6-8hw5 for py3-pipenv
octo-sts[bot] Sep 15, 2024
c6bec28
Adding Advisory GHSA-g4mx-q9vg-27p4 for py3-pipenv
octo-sts[bot] Sep 15, 2024
b26b08c
Adding Advisory GHSA-jjg7-2v4v-x38h for py3-pipenv
octo-sts[bot] Sep 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
113 changes: 113 additions & 0 deletions py3-pipenv.advisories.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
schema-version: 2.0.2

package:
name: py3-pipenv

advisories:
- id: CGA-4598-xjqf-h4hj
aliases:
- CVE-2024-3651
- GHSA-jjg7-2v4v-x38h
events:
- timestamp: 2024-09-15T03:45:24Z
type: detection
data:
type: scan/v1
data:
subpackageName: py3-pipenv
componentID: d1e6a3a2d3416144
componentName: idna
componentVersion: "3.4"
componentType: python
componentLocation: /usr/lib/python3.12/site-packages/pipenv/patched/pip/_vendor/vendor.txt
scanner: grype

- id: CGA-7cmg-jf3v-jhp2
aliases:
- CVE-2024-6345
- GHSA-cx63-2mw6-8hw5
events:
- timestamp: 2024-09-15T03:45:21Z
type: detection
data:
type: scan/v1
data:
subpackageName: py3-pipenv
componentID: d7278c576cb79d38
componentName: setuptools
componentVersion: 68.0.0
componentType: python
componentLocation: /usr/lib/python3.12/site-packages/pipenv/patched/pip/_vendor/vendor.txt
scanner: grype

- id: CGA-96mv-rv54-6452
aliases:
- CVE-2024-39689
- GHSA-248v-346w-9cwc
events:
- timestamp: 2024-09-15T03:45:18Z
type: detection
data:
type: scan/v1
data:
subpackageName: py3-pipenv
componentID: aee940d97f0096ea
componentName: certifi
componentVersion: 2023.7.22
componentType: python
componentLocation: /usr/lib/python3.12/site-packages/pipenv/patched/pip/_vendor/vendor.txt
scanner: grype

- id: CGA-fj2j-4w85-84w5
aliases:
- CVE-2023-45803
- GHSA-g4mx-q9vg-27p4
events:
- timestamp: 2024-09-15T03:45:22Z
type: detection
data:
type: scan/v1
data:
subpackageName: py3-pipenv
componentID: 9aa7abf1236fa515
componentName: urllib3
componentVersion: 1.26.17
componentType: python
componentLocation: /usr/lib/python3.12/site-packages/pipenv/patched/pip/_vendor/vendor.txt
scanner: grype

- id: CGA-rph3-q3pf-cjv7
aliases:
- CVE-2024-35195
- GHSA-9wx4-h78v-vm56
events:
- timestamp: 2024-09-15T03:45:20Z
type: detection
data:
type: scan/v1
data:
subpackageName: py3-pipenv
componentID: 9a581ddc12d68606
componentName: requests
componentVersion: 2.31.0
componentType: python
componentLocation: /usr/lib/python3.12/site-packages/pipenv/patched/pip/_vendor/vendor.txt
scanner: grype

- id: CGA-rwm8-75qr-7r2p
aliases:
- CVE-2024-37891
- GHSA-34jh-p97f-mpxf
events:
- timestamp: 2024-09-15T03:45:19Z
type: detection
data:
type: scan/v1
data:
subpackageName: py3-pipenv
componentID: 9aa7abf1236fa515
componentName: urllib3
componentVersion: 1.26.17
componentType: python
componentLocation: /usr/lib/python3.12/site-packages/pipenv/patched/pip/_vendor/vendor.txt
scanner: grype